Netflow capture question
Matt Mullins
mokomull at gmail.com
Tue Oct 9 19:00:00 UTC 2012
On Tue, Oct 9, 2012 at 9:05 AM, Paul Macdonald <paul at ifdnrg.com> wrote:
> I don't have direct access to the router this is going via, will netflow,
> flowcapture allow me to monitor traffic ( by port/protocol etc) straight off
> the NIC?
flow-capture simply receives NetFlow data and stores it to disk.
You'll need to use that in combination with softflowd to listen for
raw packets on the NIC and generate the NetFlow information.
I highly suggest the book "Network Flow Analysis" by Michael Lucas if
you want to pursue this route; it's especially worth it if you're
going to leave this system around for long-term analysis.
--
Matt Mullins
More information about the freebsd-questions
mailing list